| [整理]CAS单点登录,CAS Authentication Filter忽略jpg等文件的方法 | ||
上一篇:[备忘]java的UrlRewriteFilter,挺强大的~~ |
||
| 添加日期:2013/12/19 16:48:56 | 快速返回 返回列表 | 阅读7465次 |
<filter-mapping> <filter-name>CAS Authentication Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> 所有的URL都会走验证Filter,即使是一个jpg文件。 ----------------------------------- 假如,现在其它地方要引用图片,会因为未登录这边系统,导致无法显示 如: [http-8080-9] DEBUG org.jasig.cas.client.authentication.AuthenticationFilter - r edirecting to "http://10.0.103.118:8080/cas/login?service=http%3A%2F%2Fwww.a.com %3A8080%2FUserManage%2F%2Fspecial%2Fpic%2F20130821170117kt3fsscbgq.jpg" 会跳到login要求登录。 怎么办? (1)只写要拦截的URL。 比如我的action地址是在/user、/system和/admin三个URL下的,那么,改成这样: <filter-mapping> <filter-name>CAS Authentication Filter</filter-name> <url-pattern>/user/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Authentication Filter</filter-name> <url-pattern>/system/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Authentication Filter</filter-name> <url-pattern>/admin/*</url-pattern> </filter-mapping> 只有这几个URL走验证,其它的都不走。 url-pattern只能写肯定的表达式,不能写否定的表达式,比较郁闷哈~~ (2)只写不拦截的URL 需要加一个Filter,不拦截的URL直接不执行后面的Filter链。 适合图片,js,css什么的~~ 要是某个URL还要执行后面的某个Filter,就不适合这么做了~~ 范例如下: <!-- ======================写P3P Header,解决IE的iframe的cookie问题======================= --> <filter> <filter-name>P3pHeaderFilter</filter-name> <filter-class>cn.xxx.cas.HeaderFilter</filter-class> <init-param> <param-name>ignore</param-name> <param-value>^(.+[.])(jsp|png|gif|jpg|js|css|jspx|jpeg|html|flv|swf|mp4|xml)$</param-value> </init-param> </filter> <filter-mapping> <filter-name>P3pHeaderFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> 之前写的一个Filter,直接改下,增加ignore参数,里面是个正则表达式, 符合这个表达式的URL,要被忽略掉,也就是不执行后续的Filter。 package cn.xxx.cas; import java.io.IOException; import java.util.regex.Pattern; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class HeaderFilter implements Filter { /** * 忽略的URL的正则表达式. */ private static final String IGNORE = "^.+\\.(jsp|png|gif|jpg|js|css|jspx|jpeg|swf|ico)$"; /** * 忽略的URL的正则对象. */ private Pattern ignorePtn; @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { // 解决IE下,IFRAME引起的内部cookie丢失 HttpServletResponse res = (HttpServletResponse) response; res.setHeader("P3P", "CP=CAO PSA OUR"); // 判断URL是否跳过后续的Filter HttpServletRequest req = (HttpServletRequest) request; // URI是“/UserManage/special/pic/201308.jpg”,要把/UserManage去掉。 String path = req.getRequestURI().substring( req.getContextPath().length()); if (ignorePtn.matcher(path).find()) { request.getRequestDispatcher(path).forward(request, response); } else if (chain != null) { chain.doFilter(request, response); } } @Override public void init(FilterConfig conf) throws ServletException { // 取得参数 String ignore = conf.getInitParameter("ignore"); if (ignore == null || ignore.trim().length() == 0) { ignore = IGNORE; } else { ignore = ignore.trim(); } // 创建正则对象 ignorePtn = Pattern.compile(ignore, Pattern.CASE_INSENSITIVE); } } |
||
| 评论 COMMENTS | |
| 没有评论 No Comments. |
